<html>
<body>
<p>Inner iframe on a foreign domain.</p>
<iframe id="aFrame" name="aFrame"></iframe>
<script>
    window.onload = function() {
        var url = "data:text/html,<html>"
            + "<head>"
            +     "<scr" + "ipt>"
            +         "window.onload = function()"
            +         "{"
            +             "try {"
            +                 "top.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL on a different domain was allowed';"
            +                 "console.log('FAIL: No exception thrown.');"
            +             "} catch (e) {"
            +                 "console.log('PASS: Exception thrown successfully.');"
            +             "}"
            +             "if (window.testRunner)"
            +                 "testRunner.notifyDone();"
            +         "}"
            +     "</scri" + "pt>"
            + "</head>"
            + "<body>"
            +     "<p>Inner-inner iframe. This iframe (which is data: URL and whose parent is on a foreign domain) is the frame attempting to access"
            +     " the main frame.  It should not have access to it.</p>"
            + "</body>"
            + "</html>";

        var frame = document.getElementById('aFrame');
        frame.src = url;
    };
</script>
</body>
</html>
